Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130372e302f32342d3234203d3e20313336373837.roa
File: 39312e3230352e3130372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ZSpxff54lfwJcwYJokGHIdCFZ35ibLdYL3QtD+jkuso=
Subject key identifier: C1:6F:CE:8C:CA:70:A4:6B:C1:69:81:9F:30:D3:65:8B:28:21:AE:C6
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2C35DA6978198B91A69DBB52C5A8F51A9545EDB1
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130372e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:27 +0000
ROA not before: Wed 03 Apr 2024 18:58:27 +0000
ROA not after: Wed 02 Apr 2025 19:03:27 +0000
asID: 136787
IP address blocks: 91.205.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:35:da:69:78:19:8b:91:a6:9d:bb:52:c5:a8:f5:1a:95:45:ed:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 3 18:58:27 2024 GMT
Not After : Apr 2 19:03:27 2025 GMT
Subject: CN=C16FCE8CCA70A46BC169819F30D3658B2821AEC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:51:ce:dc:b4:ee:9a:2c:a0:20:55:a5:a5:
e1:ea:ec:55:b8:d0:0c:67:52:28:f7:95:48:8c:d0:
f0:78:d7:f5:42:78:c2:78:87:d7:fa:34:7b:85:1a:
70:f8:59:1c:a5:c7:86:d1:43:f3:98:04:0d:28:85:
0e:61:94:2c:4f:da:5d:12:79:eb:d7:dd:9f:01:a2:
31:17:cc:35:ab:2e:44:fb:cb:7a:3e:3a:f9:3f:6c:
b2:65:31:b5:bb:1a:17:c0:b5:84:2a:af:90:53:48:
29:46:f4:e8:fb:4b:83:d2:4b:20:b9:6f:3a:6e:0b:
a6:a8:95:b6:72:4e:5e:62:c2:28:fe:4b:b4:07:f0:
74:83:cd:72:da:4a:be:be:ef:99:56:f2:12:b9:26:
7d:87:e9:cf:f4:e9:72:4e:43:c6:9c:b6:f4:05:40:
21:81:5c:34:af:6a:75:00:3b:fd:fe:28:a9:82:ca:
de:9f:c9:61:2f:41:c5:b1:3b:c2:66:24:2c:62:47:
a8:e0:ca:3e:29:82:75:de:1d:a3:9c:03:4e:18:28:
bf:cc:0b:0b:7f:c1:68:90:93:da:b7:db:02:01:2a:
ac:98:1c:1f:52:c8:6b:bc:db:b8:40:6d:19:33:cf:
4b:07:5e:0c:e3:52:d4:34:7f:a7:8a:36:1e:88:9b:
64:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6F:CE:8C:CA:70:A4:6B:C1:69:81:9F:30:D3:65:8B:28:21:AE:C6
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:7c:79:b2:14:ad:17:3a:e7:86:aa:97:fc:79:89:ae:2c:56:
ba:f9:c1:ac:5a:63:8c:a1:bf:b6:cd:90:dc:79:5a:fc:1c:ab:
80:fd:ab:c5:a8:dc:0d:87:3a:2a:d7:25:1d:cb:5a:c0:2d:a0:
af:c3:1f:a2:bc:53:8b:bd:41:83:d9:05:77:a3:d7:9e:e0:11:
1c:fe:df:55:7e:4f:3f:04:87:b0:05:de:f7:6c:7f:e2:01:02:
95:b3:d6:f3:ba:7d:ed:c1:05:2a:0e:49:dc:16:fb:e9:22:25:
71:20:41:4c:0b:9d:81:f8:d8:33:0d:74:e1:7d:65:35:c0:45:
2f:20:dc:e7:c7:77:47:6e:7a:7e:89:77:7b:cd:04:f5:72:fb:
f2:dd:ec:eb:a5:b9:ba:b8:cc:52:64:55:62:38:40:4b:5b:30:
48:a8:8f:86:c5:7b:39:77:f5:c6:53:de:bc:75:f0:9f:75:f8:
e4:a3:1a:9d:0e:9d:1e:28:b2:f4:9e:3f:44:2b:78:2e:49:c6:
2b:0d:5a:ef:92:2b:2c:55:90:ca:7c:ed:ac:aa:51:c9:de:e5:
c1:b1:22:63:58:f5:e0:c5:4b:ad:e8:ce:ed:36:b7:d4:da:51:
68:9c:9b:6f:99:15:66:e1:7f:10:fa:92:06:56:2b:30:5b:74:
50:be:72:86
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULDXaaXgZi5GmnbtSxaj1GpVF7bEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA0MDMxODU4MjdaFw0yNTA0MDIxOTAzMjdaMDMxMTAvBgNV
BAMTKEMxNkZDRThDQ0E3MEE0NkJDMTY5ODE5RjMwRDM2NThCMjgyMUFFQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXtVHO3LTumiygIFWlpeHq7FW4
0AxnUij3lUiM0PB41/VCeMJ4h9f6NHuFGnD4WRylx4bRQ/OYBA0ohQ5hlCxP2l0S
eevX3Z8BojEXzDWrLkT7y3o+Ovk/bLJlMbW7GhfAtYQqr5BTSClG9Oj7S4PSSyC5
bzpuC6aolbZyTl5iwij+S7QH8HSDzXLaSr6+75lW8hK5Jn2H6c/06XJOQ8actvQF
QCGBXDSvanUAO/3+KKmCyt6fyWEvQcWxO8JmJCxiR6jgyj4pgnXeHaOcA04YKL/M
Cwt/wWiQk9q32wIBKqyYHB9SyGu827hAbRkzz0sHXgzjUtQ0f6eKNh6Im2R5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwW/OjMpwpGvBaYGfMNNliyghrsYwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzkzMTJlMzIzMDM1MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbzWswDQYJKoZIhvcNAQELBQADggEBALN8ebIUrRc654aql/x5ia4sVrr5waxa
Y4yhv7bNkNx5Wvwcq4D9q8Wo3A2HOirXJR3LWsAtoK/DH6K8U4u9QYPZBXej157g
ERz+31V+Tz8Eh7AF3vdsf+IBApWz1vO6fe3BBSoOSdwW++kiJXEgQUwLnYH42DMN
dOF9ZTXARS8g3OfHd0duen6Jd3vNBPVy+/Ld7Oulubq4zFJkVWI4QEtbMEioj4bF
ezl39cZT3rx18J91+OSjGp0OnR4osvSeP0QreC5JxisNWu+SKyxVkMp87ayqUcne
5cGxImNY9eDFS63ozu02t9TaUWicm2+ZFWbhfxD6kgZWKzBbdFC+coY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 07:23:17 2024 by rpki-client on console-ams.rpki-client.org